Rare Cross-platform malware rears ugly head
On Wednesday, July 11, security firms F-Secure and Sophos both confirmed that a malicious Java Archive file has been unleashed onto the internet. The file detects a user’s platform and connects to a remote server to fetch additional code, which creates a back-door for hackers.
The file pretends to be a needed Java add-on, which unsuspecting users allow to be installed on their system.
What’s unusual in this case is that the malware targets Mac, Windows and Unix users simultaneously. The Mac version of the malware is identified by F-Secure as “Backdoor:OSX/GetShell.A.” Although Macs continue to increase in popularity, Windows users still represent a much larger target and are therefore a more logical place for attackers to invest their time and effort.
Fully updated Macs should be immune to the attack, since the OS X code is actually a PowerPC binary. OS X Lion doesn’t support Rosetta, the software needed for backwards compatibility with PowerPC applications. Even with OS X Snow Leopard, Rosetta is only an optional upgrade.
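For anyone triaging a suspicious file, the PowerPC point above can be checked from the file header alone. The following is an added example, not code from F-Secure, Sophos or this article; the function names and the sample byte strings are constructed for illustration, and "needs Rosetta" is taken to mean that every architecture slice in the Mach-O file is PowerPC.

```python
import struct

CPU_ARCH_ABI64 = 0x01000000              # flag bit marking a 64-bit CPU type
CPU_NAMES = {7: "x86", 12: "arm", 18: "powerpc"}
THIN_MAGICS = {0xFEEDFACE, 0xFEEDFACF}   # 32-bit and 64-bit Mach-O
FAT_MAGIC = 0xCAFEBABE                   # universal binary; also Java's class magic

def _cpu_name(cputype):
    base = CPU_NAMES.get(cputype & ~CPU_ARCH_ABI64, "cpu%d" % (cputype & 0xFFFFFF))
    return base + ("_64" if cputype & CPU_ARCH_ABI64 else "")

def macho_architectures(data):
    """Return the CPU architectures in a Mach-O image, or None if not Mach-O."""
    if len(data) < 8:
        return None
    # Thin Mach-O: the header is stored in the byte order of the target CPU.
    for endian in (">", "<"):
        magic, cputype = struct.unpack(endian + "II", data[:8])
        if magic in THIN_MAGICS:
            return [_cpu_name(cputype)]
    # Universal (fat) header is always big-endian: magic, slice count, 20-byte entries.
    magic, nfat = struct.unpack(">II", data[:8])
    if magic != FAT_MAGIC or nfat == 0 or nfat >= 45:
        return None  # a Java class stores major_version (>= 45) in this field
    archs = []
    for i in range(nfat):
        entry = data[8 + 20 * i: 28 + 20 * i]
        if len(entry) < 20:
            return None  # truncated header
        archs.append(_cpu_name(struct.unpack(">I", entry[:4])[0]))
    return archs

def needs_rosetta(data):
    """True when every slice is PowerPC, so the file cannot run without Rosetta."""
    archs = macho_architectures(data)
    return bool(archs) and all(a.startswith("powerpc") for a in archs)

# Constructed sample headers (not taken from the real malware).
PPC_THIN = struct.pack(">II", 0xFEEDFACE, 18) + bytes(20)
X86_THIN = struct.pack("<II", 0xFEEDFACE, 7) + bytes(20)
FAT_PPC_X86 = (struct.pack(">II", FAT_MAGIC, 2)
               + struct.pack(">5I", 18, 0, 4096, 64, 12)
               + struct.pack(">5I", 7, 3, 8192, 64, 12))
JAVA_CLASS = bytes.fromhex("cafebabe00000032") + bytes(16)

if __name__ == "__main__":
    for name in ("PPC_THIN", "X86_THIN", "FAT_PPC_X86", "JAVA_CLASS"):
        print(name, macho_architectures(globals()[name]), needs_rosetta(globals()[name]))
```

The Java class check matters here because the dropper itself is a Java archive, and class files inside it share the same first four bytes as a universal Mach-O binary.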
The next round of Microsoft security updates should address the malware for Windows users, which underscores the importance of staying up to date. Updated anti-malware definitions from Sophos will also address the issue within the next few days.
ArcSource Consulting continues to keep its partners up to date on the most recent threats and to keep operations running smoothly with as little interruption as possible.